Experiments: In 24 hours, AFLFast exposes 3 previously unreported CVEs that are not exposed by AFL and exposes 6 previously unreported CVEs 7x faster than AFL. AFLFast produces at least an order of magnitude more unique crashes than AFL. https://github.com/mboehme/aflfast...
Proposes a lightweight directed fuzzing approach, SCDF (Sequence Coverage Directed Fuzzing), which tests against a user-specified sequence of target statements in order, evaluates test cases by how much of that sequence they cover, and adjusts each test case's energy accordingly. A prototype system, LOLLY, was implemented; experiments show that LOLLY outperforms AFLGo and BugRedux in both efficiency and effectiveness. AFLGo is the representative directed greybox fuzzing tool, and BugRedux is directed whitebox fuzzing...
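The snippet above only sketches the idea of scoring a seed by the ordered prefix of a target statement sequence it reaches and handing more energy to seeds that get further. The following Python model is an added illustration written for this page, not LOLLY's or the paper's code: the basic-block names, the three-step target sequence (an allocate/free/use pattern), the traces and the exponential energy formula are all constructed assumptions chosen to show why order matters.

```python
"""Minimal model of sequence-coverage scoring and energy assignment.

Added example, not from the SCDF/LOLLY paper. The target sequence, the
execution traces and the energy formula are assumptions for illustration.
"""
from typing import Dict, Sequence, Tuple

# Assumed target statement sequence: the bug only manifests if these three
# program points are reached in this order (e.g. a use-after-free pattern).
TARGET_SEQUENCE: Tuple[str, ...] = ("alloc_buf", "free_buf", "use_buf")

# Constructed execution traces (basic-block identifiers) for five seeds.
SEEDS: Dict[str, Sequence[str]] = {
    "seed_none":      ["main", "parse_hdr", "exit"],
    "seed_alloc":     ["main", "parse_hdr", "alloc_buf", "use_buf", "exit"],
    "seed_alloc_free":["main", "alloc_buf", "free_buf", "exit"],
    "seed_wrong_order":["main", "use_buf", "free_buf", "alloc_buf", "exit"],
    "seed_full":      ["main", "alloc_buf", "free_buf", "use_buf"],
}


def sequence_coverage(trace: Sequence[str], targets: Sequence[str]) -> int:
    """Length of the longest prefix of `targets` that `trace` visits in order.

    A trace that touches every target statement but in the wrong order only
    scores the prefix it actually satisfies, which is what distinguishes
    sequence coverage from plain target-statement coverage.
    """
    matched = 0
    for block in trace:
        if matched < len(targets) and block == targets[matched]:
            matched += 1
    return matched


def assign_energy(covered: int, n_targets: int, base: int = 16, cap: int = 1024) -> int:
    """Energy grows exponentially with the covered prefix length (assumed schedule).

    Seeds that complete the whole sequence receive the cap so the fuzzer keeps
    mutating inputs that already reach the final target statement.
    """
    if covered >= n_targets:
        return cap
    return min(cap, base * (2 ** covered))


def schedule_seeds(seeds: Dict[str, Sequence[str]],
                   targets: Sequence[str]) -> Dict[str, Tuple[int, int]]:
    """Return {seed_name: (sequence_coverage, energy)} for every seed."""
    result = {}
    for name, trace in seeds.items():
        cov = sequence_coverage(trace, targets)
        result[name] = (cov, assign_energy(cov, len(targets)))
    return result


if __name__ == "__main__":
    for name, (cov, energy) in schedule_seeds(SEEDS, TARGET_SEQUENCE).items():
        print(f"{name:18s} covered={cov}/{len(TARGET_SEQUENCE)} energy={energy}")
```

Note how `seed_wrong_order` reaches all three target blocks yet scores the same as `seed_alloc`: a directed fuzzer that only counts target statements hit would rank it as highly as `seed_full`, while the ordered prefix score reserves the top energy for the one seed whose path can actually trigger the bug.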
The following topics are dealt with: software maintenance; source code (software); program diagnostics; data mining; Java; software quality; program debugging; learning (artificial intelligence); software metrics; public domain software. Hongliang Liang, Yini Zhang, Yue Yu, Zhuosi Xie, Lin Jiang. Conference paper...
Our key observation is that we can use AFL's grey box fuzzing capability to direct the search towards new schedules, and thus lead to property failure. We have implemented this technique in ConFuzz, a concurrent property fuzz testing tool for concurrent OCaml programs using the popular Lwt [...
For coverage-guided fuzzing (greybox fuzzing), a fuzzing controller is introduced to guide the mutation according to the request-related coverage. However, the coverage of the VNFs is not easy to obtain because of the integrity checks. The potential way is to implant a program into the virtual...
Proj THUDBFuzz Paper Reading: Zeror: Speed Up Fuzzing with Coverage-sensitive Tracing and Scheduling
Coverage-based greybox fuzzing as Markov chain. IEEE Trans. Softw. Eng. 2017, 45, 489–506. 4. Lemieux, C.; Sen, K. FairFuzz: A targeted mutation strategy for increasing greybox fuzz testing coverage. In Proceedings of the 33rd ACM/IEEE International Conference on Automated ...